Field Level Security – Update, Don’t Read

I always assumed Field Level Security privileges are somehow inclusive, meaning you can’t have Update privilege without Read. I was wrong.

Defining the Field Security privileges like this

image

will prevent the profile users from reading the secured field value but will allow them to create with and update it.

FLSDemo

I can’t think of a business process which requires such behavior, but since Field Level Security apply to APIs as well as UI, it may be useful when external applications are required to update a secured value but are not allowed to retrieve it.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s